Open kenkendk opened 7 years ago
This is possible through docker configuration. Simply bind the settings you need to a volume. Example in docker-compose for the ELK container:
version: '3'
services:
elk:
image: sebp/elk
container_name: elk
restart: always
ports:
- '5601:5601'
- '9200:9200'
- '5044:5044'
volumes:
- elklogstashconf:/etc/logstash/conf.d/
volumes:
elklogstashconf:
Then you can edit those in the default volume location on the host.
vim /var/lib/docker/volumes/kibana_elklogstashconf/_data/02-beats-input.conf
This could also be done with this filebeat container but you mentioned the SSL settings for beat input.
If you want to put your own certs (from your own elk server) into this filebeat container change the docker-compose.yml
version: '3'
services:
filebeat:
image: bargenson/filebeat
container_name: filebeat
environment:
LOGSTASH_HOST: elk.domain
LOGSTASH_PORT: 5044
SHIPPER_NAME: myshipper
volumes:
- /var/run/docker.sock:/tmp/docker.sock
- pkiclient:/etc/pki/client/
restart: always
volumes:
pkiclient:
Then you put the cert.pem and cert.key into that volume.
cp -p mycert.pem /var/lib/docker/volumes/filebeat_pkiclient/_data/cert.pem
cp -p mycert.key /var/lib/docker/volumes/filebeat_pkiclient/_data/cert.key
The names have to be cert.pem and cert.key.
I really like the idea, but for me to deploy something like this, I need to specify the SSL options.
Both the CA, the client cert and client key needs to be configureable.